Researchers warn about new ransomware Snake

Snake is the latest in a long string of ransomware programs financial services firms must be on the lookout for.

The new virus was originally discovered by MalwareHunterTeam, the site that helps businesses and private individuals identify the ransomware that may have crippled their computers.

MalwareHunterTeam then shared their findings with Vitali Kremez, head of SentinelLabs at SentinelOne, the Mountain View-based antivirus platform provider, to analyse and reverse engineer the virus, BleepingComputer reported.

“The ransomware contains a level of routine obfuscation not previously and typically seen coupled with the targeted approach,” Kremez told the publication.

This is how Snake works: once the ransomware has infected a device, it will remove the computer’s shadow volume copies, which is a technology that creates backup copies or snapshots of the files in the computer.

Once the backup abilities have been disabled, Snake deletes processes related to SCADA systems, virtual machines, industrial control systems, remote management tools, network management software and more.

It then moves on to encrypt files on the computer before creating a ransom note, telling the computer owner to cough up or risk not getting their files back.

There is no shortage of ransomware strains out there, with GandCrab, Emotet, CrySis and Sodinokibi being deemed four of the worst ones out there.

Criminals are happy to use them. For instance, Sodinokibi, also referred to as REvil, was used in the hack attack discovered on New Year’s Eve 2019 that crippled foreign exchange company Travelex’s services.

In the UK alone, ransomware attacks grew by 118% in the first quarter of 2019.

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.